Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove redundant security schemes #70

Open
jonthegeek opened this issue Oct 9, 2023 · 2 comments
Open

Remove redundant security schemes #70

jonthegeek opened this issue Oct 9, 2023 · 2 comments

Comments

@jonthegeek
Copy link
Owner

FEC has 3 security schemes, each of which is included in the default options, and none of which are referenced anywhere else. They're all api_key schemes. They can be whittled down to the first, most-secure one (the one that passes in header).

Definitely get rid of schemes that aren't referenced in paths nor in rapid::security_requirements. Try to also eliminate redundant ones.
@jonthegeek
Copy link
Owner Author

Note: appwrite.io:server has 4 apiKey schemes, but 2 of them are really just universal parameters (locale and "Your Project ID"), so they aren't redundant. They're only redundant if they're in the same location and have the same name (eg, two fields named "api_key" in "query"), and even then be careful to make sure!

I also just saw one that's secretly a bearer token but they tell you that in the description (apideck.com:crm), so also watch out for those!

@jonthegeek
Copy link
Owner Author

(so far FEC is the only one with this issue!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
{rapid} releases
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jonthegeek